Proof of Stake (PoS)

Proof of Stake (PoS) is emerging as one of the most widely used blockchain consensus mechanisms in existence. PoS networks incentivize participants to stake native coins in a network of validator nodes. Unlike proof-of-work, on a PoS blockchain, all coins are created in the beginning, and never change. There is no mining. Instead, a new block will be added by a randomly picked (staking) node, which works much like a lottery: nodes (‘operators’ of the blockchain) can choose to invest a certain amount of coins (stake) into a deposit, to become a validating node. While these coins are in deposit, they are not spendable.

Out of these validator nodes, a random node is picked that will create a block. The winning validator node provides the new block with a reference to the preceding block and is then broadcast, upon which all other validator nodes will attest (verify) the transactions inside and add the block to their copy of the blockchain. So, upon the close of a transaction block, validator nodes are eligible to be randomly chosen to validate block data, thus generating the subsequent block, and earning native coins as a reward. A robust nodal network offers increased network security, resiliency, and computational power. To deal with possible bad actors, staking provides incentive for good behaviour: a staking node can lose a portion of their stake for things like going offline (failing to validate), or their entire stake for deliberate collusion. Rewards (coins) are given for creating new blocks and for attesting them, but if nodes attest to malicious blocks, they will lose their stake entirely.

The more coins a validator node invests, the higher its stake; the higher the chance of winning the ‘lottery’. The winner is determined by the consensus algorithm (a ‘lottery machine’). The lottery’s prize is the rights to collect waiting transactions into a block and collect the transaction fees.

In case of Etherium, when proof-of-work is to be replaced with proof-of-stake, there will be the added complexity of shard chains. These are separate blockchains that will need validators to process transactions and create new blocks. As a result, extra coordination is necessary and will be done by the beacon chain.

These beacon chains will be receiving state information from shards and makes it available for other shards, allowing the network to stay in sync. The beacon chain will also manage the validators from registering their stake deposits to issuing their rewards and penalties.

How validation works

Unlike proof-of-work, validators don't need to use significant amounts of computational power because they're selected at random and aren't competing. They don't need to mine blocks; they just need to create blocks when chosen and validate proposed blocks when they're not. This validation is known as attesting.

When you submit a transaction on a shard, a validator will be responsible for adding your transaction to a shard block. Validators are algorithmically chosen by the beacon chain to propose new blocks.

If a validator isn't chosen to propose a new shard block, they'll have to attest to another validator's proposal and confirm that everything looks as it should. It's the attestation that is recorded in the beacon chain rather than the transaction itself; and at least 128 validators are required to attest to each shard block – this is known as a "committee."

The committee has a time-frame in which to propose and validate a shard block. This is known as a "slot." Only one valid block is created per slot, and there are 32 slots in an "epoch." After each epoch, the committee is disbanded and reformed with different, random participants. This helps keep shards safe from committees of bad actors.

Finality

In distributed networks, a transaction has "finality" when it's part of a block that can't change.

To do this in proof-of-stake, Etherium finality protocol, Casper, gets validators to agree on the state of a block at certain checkpoints. So long as 2/3 of the validators agree, the block is finalised. Validators will lose their entire stake if they try and revert this later on via a 51% attack - this is like a miner participating in a 51% attack, causing their mining hardware to immediately burn down. In fact, in order to perform 51% attack on the PoS network, one has to litteraly own 51% of the staked value. Given Etherium market cap is around $20B, one has to: (1) buy $10B worth of ETH - which is by itself will be exposed; and (2) willing to put at risk this amount in case the attack is exposed. So while threat of a 51% attack still exists in proof-of-stake, it's even more risky for the attackers. As you'll have to own 51% - not only is this a lot of money, but it would probably cause ETH's value to drop. There's very little incentive to destroy the value of a currency you have a majority stake in. There are stronger incentives to keep the network secure and healthy.

As you can see, Casper is designed to work in a trustless system and be more Byzantine Fault Tolerant. Anyone who acts in a malicious/Byzantine manner will get immediately punished by having their stake slashed off. This is where it differs from most other POS protocols. Malicious elements have something to lose so it is impossible for there to be nothing at stake.

This means that validators will have to be careful about their node uptime. Carelessness or laziness will lead to them losing their stake. This property reduces censorship of transactions and overall availability.Along with all that, the “slashing” property also lends Casper a distinct edge over standard proof of work protocols.

Conclusion

Proof-of-Stake systems also generally enable validator nodes to contribute democratically in decentralized platform governance through voting on key updates and decisions. While still a recent innovation, PoS networks are already proving they can be faster and more scalable than Proof-of-Work (PoW) blockchains. In addition, as there is no computational-intensive mining with Proof-of-Stake, if it where to receive an energy label, it would rate A+ for very energy efficient.

Comments

Post a Comment

Popular posts from this blog

Rust Static Analysis and Blockchain Licensing

Image
What is static analysis? Static analysis is an analysis of software artifacts. For example requirements or code, carried out without execution of these software development artifacts. Static analysis is usually carried out using supporting tools. In other words, we can say that static analysis is an examination of requirements, design, and code that differ from more traditional dynamic testing in several important ways. The main goal behind this analysis is to find the bugs, whether or not they may cause failures. As with reviews, static analysis finds bugs rather than failures. The general name for static analysis is linting. lint, or a linter, is a tool that analyzes source code to flag programming errors, bugs, stylistic errors, and suspicious constructs. Simply put, a linter is a tool that programmatically scans your code with the goal of finding issues that can lead to bugs or inconsistencies with code health and style. Some can even help fix them for you! How to analyse
Read more

Length extension attack

Image
What is length extension? When a Merkle–Damgård based hash is misused as a message authentication code with construction H(secret ‖ message), and message and the length of secret is known, a length extension attack allows anyone to include extra information at the end of the message and produce a valid hash without knowing the secret. Quick sidebar, before you freak out: Since HMAC does not use this construction, HMAC hashes are not prone to length extension attacks. So, a length extension attack is a type of attack where an attacker can use Hash(message1) and the length of message1 to calculate Hash(message1 ‖ message2) for an attacker-controlled message2, without needing to know the content of message1. Algorithms like MD5, SHA-1 and most of SHA-2 that are based on the Merkle–Damgård construction are susceptible to this kind of attack. Truncated versions of SHA-2, including SHA-384 and SHA-512/256 are not susceptible, nor is the SHA-3 algorithm. A bit more details
Read more

CAP Theorem and blockchain

Image
In theoretical computer science, the CAP theorem states that it is impossible for a distributed data store (such as a blockchain network) to simultaneously provide more than two out of the three guarantees: Consistency, Availability & Partition tolerance. CAP Theorem – the parts C: Consistency – At any given time, all nodes in the network have exactly the same (most recent) value. A: Availability – Every request to the network receives a response, though without any guarantee that returned data is the most recent. P: Partition tolerance – The network continues to operate, even if an arbitrary number of nodes are failing. Due to the nature of distributed data stores (such as blockchain), Partition tolerance is a given fact; there will always be failing/unreachable nodes in the network (not least because of the unstable nature of the internet). CAP Theorem states that one has to choose between C (Consistency) or A (Availability) when in the presence of P (Partition): Av
Read more